Khaled Baqer scite author profile

There is a long history of authentication protocols designed for ease of human use, which rely on users copying a short string of digits. Historical examples include telex test keys and early nuclear firing codes; familiar modern examples include prepayment meter codes and the 3-digit card verification values used in online shopping. In this paper, we show how security protocols that are designed for human readability and interaction can fail to provide adequate protection against simple attacks. To illustrate the problem, we discuss an offline payment protocol and explain various problems. We work through multiple iterations, or 'evolutions', of the protocol in order to get better tradeoffs between security and usability. We discuss the limitation of verifying such protocols using BAN logic. Our aim is to develop usable human-friendly protocols that can be used in constrained offline environments. We conclude that protocol designers need to be good curators of security state, and also pay attention to the interaction between online and offline functions. In fact, we suggest that delay-tolerant networking might be a future direction of evolution for protocol research.

show abstract

Reconciling Multiple Objectives – Politics or Markets?

Anderson

Baqer

2017

View full text Add to dashboard Cite

In this paper we argue that the evolution of protocols is one of the most important yet least understood aspects of the governance of information systems. At the deepest level, security protocols determine the power structure of a system: who can do what with whom. The development, adoption, spread and evolution of protocols, and competition between them, are both political and economic activities. They may reconcile multiple objectives or be the battlefield in which one interest defeats another. They occur at all levels in the online ecosystem, from individual and small-firm action, up through organisations and networks to whole ecosystems-and may eventually play a role in shaping culture, values and norms. They play a key role in innovation: early movers may use protocols to establish a strategic advantage and lock competitors out. How can we understand such complex behaviour? In this paper we sketch a possible framework inspired by research in institutional economics.

show abstract

Digitally: Piloting offline payments for phones

Baqer

Anderson

Mutegi

et al. 2017

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Khaled Baqer

Stressing Out: Bitcoin “Stress Testing”

Do You Believe in Tinker Bell? The Social Externalities of Trust

SMAPs: Short Message Authentication Protocols

Reconciling Multiple Objectives – Politics or Markets?

Digitally: Piloting offline payments for phones

Contact Info

Product

Resources

About